hplip-3.12.4-4.AXS4
エラータID: AXSA:2013-130:01
The Hewlett-Packard Linux Imaging and Printing Project provides drivers for HP printers and multi-function peripherals.
Security issues fixed with this releaseL:
• CVE-2011-2722
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.
• CVE-2013-0200
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vulnerability than CVE-2011-2722.
Fixed bugs:
• The hpijs no longer requires the cupsddk-drivers from the cups package as it sometimes caused hpijs installation to fail.
• The hp-check utility only checked one of the two possible configuration files for the the SANE back end and could incorrectly report a problem. This has been fixed.
Update packages.
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vulnerability than CVE-2011-2722.
N/A
SRPMS
- hplip-3.12.4-4.AXS4.src.rpm
MD5: c9cbdd7bddf5557b33bca98a8dff35ed
SHA-256: 1c3650b8759f0b23ce534076a8027bfb88bdb5abc22455972223de54ba2a9170
Size: 19.70 MB
Asianux Server 4 for x86
- hpijs-3.12.4-4.AXS4.i686.rpm
MD5: bff3dc60b10af507fc8108eccb7bdb09
SHA-256: 105f9ca33e2a07dc965ad43eb95d2e8efa0e08f8e92274140f72d6debaf42649
Size: 4.83 MB - hplip-3.12.4-4.AXS4.i686.rpm
MD5: 050ff8893f2132b27d13ac3dcd73a8c4
SHA-256: 140e17e4b269052a756ca681f92c696bb45aefb106548df6941ed04d3528e6b2
Size: 6.00 MB - hplip-common-3.12.4-4.AXS4.i686.rpm
MD5: 9166e31811dfef7c97a392375c6c084b
SHA-256: a1acbf9af5717a42250ba1c59d17165f156bc8e17443d06074672598cbad74e7
Size: 73.43 kB - hplip-gui-3.12.4-4.AXS4.i686.rpm
MD5: 09bced12e9b265e45294c75cec37f8b6
SHA-256: 529f22d5ea10581c2744aaa09d7c45caedd386f2541ae2952e8d6b9b122284eb
Size: 1.45 MB - hplip-libs-3.12.4-4.AXS4.i686.rpm
MD5: 4ea3c1d899eb71b190b1d9b971039ec4
SHA-256: e2ab6ea9da5a5e3ca9217b29c7f361a1b31bfbb0ab60a65af9d2f840c0b4acc5
Size: 140.96 kB - libsane-hpaio-3.12.4-4.AXS4.i686.rpm
MD5: 84f913511ab2b07200004b7408928f81
SHA-256: 9fab9252b3c5665b53207a3069ec0cb5e3dbedb45ea258e83fcf2afa185b054b
Size: 85.95 kB
Asianux Server 4 for x86_64
- hpijs-3.12.4-4.AXS4.x86_64.rpm
MD5: d301632b72263a2786a6c3586ec90fc9
SHA-256: 8cd39cd4edd6b1bcfa064517b33169a681e6702f20b84b6f1cd0de61a4f17a4a
Size: 4.82 MB - hplip-3.12.4-4.AXS4.x86_64.rpm
MD5: 68b87cf97ec4a3f3188c8c990c1d5e6c
SHA-256: 93d3db1f86f732388c80f275a8cab8f1bfbe569725f8441685f8bd98da78a90a
Size: 6.00 MB - hplip-common-3.12.4-4.AXS4.x86_64.rpm
MD5: 80ef4b0b8e40961a91a3e367ddbea27a
SHA-256: 590e97a31f2dac2cc2a9ed2cee25c2cb261536a99a7a518e0d51e8df309d6e32
Size: 72.98 kB - hplip-gui-3.12.4-4.AXS4.x86_64.rpm
MD5: 69f982c27e22184c37d8af3e349f6bc3
SHA-256: 4d397c019d84381f9cbf027b02e8d4cb157943bd1e06e82bafadb36105ed793b
Size: 1.45 MB - hplip-libs-3.12.4-4.AXS4.x86_64.rpm
MD5: f3fe62c19cd6fd6547e424cc0c714e04
SHA-256: 8ab5f19183d717df9fe577597457c14b7f503c9bafb8762b1e1b6be6d0c58bc7
Size: 140.32 kB - libsane-hpaio-3.12.4-4.AXS4.x86_64.rpm
MD5: d4726b47c5a86111ff97aa9fe139cc57
SHA-256: 1ce2c771a8a24bef50ed525515ede59451f9dd738d63bb90b2dd4507cc60b61f
Size: 84.07 kB - hplip-libs-3.12.4-4.AXS4.i686.rpm
MD5: 4ea3c1d899eb71b190b1d9b971039ec4
SHA-256: e2ab6ea9da5a5e3ca9217b29c7f361a1b31bfbb0ab60a65af9d2f840c0b4acc5
Size: 140.96 kB